An economic analysis of the optimal information security investment in the case of a risk-averse firm

[1]  Kjell Hausken,et al.  Returns to information security investment: The effect of alternative information security breach functions on optimal investment and sensitivity to vulnerability , 2006, Inf. Syst. Frontiers.

[2]  Dmitri Nizovtsev,et al.  Understanding and Influencing Attackers' Decisions: Implications for Security Investment Strategies , 2006, WEIS.

[3]  Xin Luo,et al.  A framework for spyware assessment , 2005, CACM.

[4]  Huseyin Cavusoglu,et al.  The Value of Intrusion Detection Systems in Information Technology Security Architecture , 2005, Inf. Syst. Res..

[5]  Lawrence Bodin,et al.  Evaluating information security investments using the analytic hierarchy process , 2005, CACM.

[6]  L. Camp Economics of Information Security , 2006 .

[7]  Steve Purser Improving the ROI of the security management process , 2004, Comput. Secur..

[8]  Huseyin Cavusoglu,et al.  Configuration of Detection Software: A Comparison of Decision and Game Theory Approaches , 2004, Decis. Anal..

[9]  Huseyin Cavusoglu,et al.  Model for Evaluating , 2022 .

[10]  Michael D. Smith,et al.  Computer security strength and risk: a quantitative approach , 2004 .

[11]  J. Kesan,et al.  The Economic Case for Cyberinsurance , 2004 .

[12]  Huseyin Cavusoglu,et al.  Economics of IT Security Management , 2004, Economics of Information Security.

[13]  Shamkant B. Navathe,et al.  Evaluating Damages Caused by Information Systems Security Incidents , 2004, Economics of Information Security.

[14]  Hal R. Varian,et al.  System Reliability and Free Riding , 2004, Economics of Information Security.

[15]  Peng Liu,et al.  Incentive-based modeling and inference of attacker intent, objectives, and strategies , 2003, CCS '03.

[16]  Daniel E. Geer,et al.  Information Security: Why the Future Belongs to the Quants , 2003, IEEE Secur. Priv..

[17]  Michael E. Whitman Enemy at the gate: threats to information security , 2003, CACM.

[18]  Huseyin Cavusoglu,et al.  Configuration of Intrusion Detection Systems: A Comparison of Decision and Game Theoretic Approaches , 2003, ICIS.

[19]  Vicky Henderson,et al.  Real options with constant relative risk aversion , 2002 .

[20]  Lawrence A. Gordon,et al.  The economics of information security investment , 2002, TSEC.

[21]  Francesco Menoncin Optimal portfolio and background risk: an exact and an approximated solution , 2002 .

[22]  Amitava Dutta,et al.  Management's Role in Information Security in a Cyber Economy , 2002 .

[23]  Jan Dhaene,et al.  Modern Actuarial Risk Theory , 2001 .

[24]  Ross J. Anderson Why information security is hard - an economic perspective , 2001, Seventeenth Annual Computer Security Applications Conference.

[25]  R. Power CSI/FBI computer crime and security survey , 2001 .

[26]  Michael M. May,et al.  How much is enough? A risk management approach to computer security , 2000 .

[27]  Detmar W. Straub,et al.  Coping With Systems Risk: Security Planning Models for Management Decision Making , 1998, MIS Q..

[28]  Hans U. Gerber A.S.A.,et al.  Utility Functions: From Risk Theory to Finance , 1998 .

[29]  L. Gómez-Mejia,et al.  A Behavioral Agency Model of Managerial Risk Taking , 1998 .

[30]  Sid Browne,et al.  Optimal Investment Policies for a Firm With a Random Risk Process: Exponential Utility and Minimizing the Probability of Ruin , 1995, Math. Oper. Res..

[31]  Houston H. Carr,et al.  Threats to Information Systems: Today's Reality, Yesterday's Understanding , 1992, MIS Q..

[32]  Fred Niederman,et al.  Information Systems Management Issues for the 1990s , 1991, MIS Q..

[33]  M. Jegers Prospect Theory and The Risk-Return Relation: Some Belgian Evidence , 1991 .

[34]  M. Subrahmanyam,et al.  Risk Aversion and the Intertemporal Behavior of Asset Prices , 1990 .

[35]  Detmar W. Straub,et al.  Effective IS Security: An Empirical Study , 1990, Inf. Syst. Res..

[36]  Peter C. Fishburn,et al.  Retrospective on the utility theory of von Neumann and Morgenstern , 1989 .

[37]  H. Thomas,et al.  Attitudes Toward Risk and The Risk–Return Paradox: Prospect Theory Explanations , 1988 .

[38]  H. Thomas,et al.  Risk-attitudes and the risk return paradox : prospect theory explanations , 1985 .

[39]  K. Borch THE ECONOMICS OF UNCERTAINTY, I. , 1969 .

[40]  J. Pratt RISK AVERSION IN THE SMALL AND IN THE LARGE11This research was supported by the National Science Foundation (grant NSF-G24035). Reproduction in whole or in part is permitted for any purpose of the United States Government. , 1964 .

[41]  L. J. Savage,et al.  The Expected-Utility Hypothesis and the Measurability of Utility , 1952, Journal of Political Economy.